GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: System and network administration
Operating System - HP-UX
1850399
Members
1889
Online
104054
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Knowledge Base
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2002 12:24 AM
07-09-2002 12:24 AM
System and network administration
Hi all,
managing several HPUX's, Suns, Linux, xBSD and WinX machines, where almost the only thing they have in common is that they are using TCP/IP, I recently stumbled several times over the following: licenses are often bound to (one of) the IP addresses of the host the software is running on. This gives problems when renumbering your network and moving applications between hosts.
Why not bind such serial numbers to an additional loopback address?
Thinking further: why not bind your network applications only to those addresses (with xinetd)?
After some testing, I concluded this might work on HP, Sun and WinX, using "ifconfig lo0:1 ..." and the infamous "ms loopback adapter".
Additional advantages (combined with a SAN) include easier failover to other hardware (giving higher availability and possibilities for testing), loadbalancing, simplified license administration and easier firewall administration (by grouping the loop back's and then blocking those ranges of addresses).
The disadvantages are also clear: you have to use routing on the hosts themselves.
I don't have the illusion to think that I'm the first to come up with this 'solution', so please comment. What are your experiences with this?
Technically, you have the choice of using a net (/30) or a host route (/32). Having no experience with the latter and reading some severe warnings about them on the net, what would you use? What if you are short on (public) addresses?
Sincerely,
Jan de Haan.
managing several HPUX's, Suns, Linux, xBSD and WinX machines, where almost the only thing they have in common is that they are using TCP/IP, I recently stumbled several times over the following: licenses are often bound to (one of) the IP addresses of the host the software is running on. This gives problems when renumbering your network and moving applications between hosts.
Why not bind such serial numbers to an additional loopback address?
Thinking further: why not bind your network applications only to those addresses (with xinetd)?
After some testing, I concluded this might work on HP, Sun and WinX, using "ifconfig lo0:1 ..." and the infamous "ms loopback adapter".
Additional advantages (combined with a SAN) include easier failover to other hardware (giving higher availability and possibilities for testing), loadbalancing, simplified license administration and easier firewall administration (by grouping the loop back's and then blocking those ranges of addresses).
The disadvantages are also clear: you have to use routing on the hosts themselves.
I don't have the illusion to think that I'm the first to come up with this 'solution', so please comment. What are your experiences with this?
Technically, you have the choice of using a net (/30) or a host route (/32). Having no experience with the latter and reading some severe warnings about them on the net, what would you use? What if you are short on (public) addresses?
Sincerely,
Jan de Haan.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2002 05:53 AM
07-10-2002 05:53 AM
Re: System and network administration
Jan,
I can offer my experience with HPUX 11.0 and 11.11 using the lo0:1 loopback addresses. You can assign the address to an address on the same subnet as one of the network cards, or you can make a unique subnet as well. If you are short on public addresses, and are not routing outside your company without NAT, then you could always use a 192.168.1.x address or 10.x.x.x address.
Hope this helps,
-> Brian Hackley
I can offer my experience with HPUX 11.0 and 11.11 using the lo0:1 loopback addresses. You can assign the address to an address on the same subnet as one of the network cards, or you can make a unique subnet as well. If you are short on public addresses, and are not routing outside your company without NAT, then you could always use a 192.168.1.x address or 10.x.x.x address.
Hope this helps,
-> Brian Hackley
Ask me about telecommuting!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2002 07:12 AM
07-10-2002 07:12 AM
Re: System and network administration
FIrst, I'll comment on your license problems. I have yet to see a proper setup where a license is bound to an IP address. License vendors as well as OEM's will tell you to bind them to the hostname. This way, if you renumber your network you do not have to re-issue licenses. (these problems were addressed with cad/cam/cae and db vendors in the early 90's)
Next most facilities nowdays do not put all of their machines on public addresses. 10.x.x.x and 172.x.x.x are the most popular addresses for private routing, and only the 'server side' machines are in the DMZ or on the internet.
Routers have become so cheap now, that running NAT to get clients to the internet is not only (still) safer than public IP's, but cheaper. Not to mention the reduced cost of Proxy software (free GPL with squid), and cheaper firewall products. (checkpoint pricing is down drastically in the last 2 years).
Lastly for applications I will only comment on the UNIX side. I use NFS-Automounting (again with hostnames) to store applications. This means that I can use NFS V3 variables such as $OSNAME, etc... to find served applications for each arcitecture without any headaches.
IMHO windows serves nothing, but is a client OS which has been retagged for higher dollars and should still only run MS-Office. There is no functionality similar to UNIX, and any emulator I have seen for MS ->Unix NFS has been very buggy at best. So again IMHO in a mixed environment, UNIX is your mainstay server and works with anything. (see CIFS and SAMBA for windows <- UNIX connections).
Regards,
Shannon
Next most facilities nowdays do not put all of their machines on public addresses. 10.x.x.x and 172.x.x.x are the most popular addresses for private routing, and only the 'server side' machines are in the DMZ or on the internet.
Routers have become so cheap now, that running NAT to get clients to the internet is not only (still) safer than public IP's, but cheaper. Not to mention the reduced cost of Proxy software (free GPL with squid), and cheaper firewall products. (checkpoint pricing is down drastically in the last 2 years).
Lastly for applications I will only comment on the UNIX side. I use NFS-Automounting (again with hostnames) to store applications. This means that I can use NFS V3 variables such as $OSNAME, etc... to find served applications for each arcitecture without any headaches.
IMHO windows serves nothing, but is a client OS which has been retagged for higher dollars and should still only run MS-Office. There is no functionality similar to UNIX, and any emulator I have seen for MS ->Unix NFS has been very buggy at best. So again IMHO in a mixed environment, UNIX is your mainstay server and works with anything. (see CIFS and SAMBA for windows <- UNIX connections).
Regards,
Shannon
Microsoft. When do you want a virus today?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2002 09:51 PM
07-10-2002 09:51 PM
Re: System and network administration
Brian,
thanks for your answer, glad to read that someone else uses this too and clearly with some success. Can you give the reason you used the additional loop back address, the goal you tried to achieve? Yesterday I tried to configure this in /etc/rc.config.d/netconf by hand (sam doesn't give any possibilities for it) on a 712/11.0 test machine, but as a result CDE/dtlogin wouldn't let me in ;-). How did you configure this? /sbin/init.d/xxx & /sbin/rc2.d/Snnnxxx? Is it legal to use loop back like this? Is using a host route (/32) too or are these Bad Things? The host route, by the way, gives you some experience with "ndd -set /dev/ip ip_check_subnet_addr 0".
Sincerely,
Jan de Haan
thanks for your answer, glad to read that someone else uses this too and clearly with some success. Can you give the reason you used the additional loop back address, the goal you tried to achieve? Yesterday I tried to configure this in /etc/rc.config.d/netconf by hand (sam doesn't give any possibilities for it) on a 712/11.0 test machine, but as a result CDE/dtlogin wouldn't let me in ;-). How did you configure this? /sbin/init.d/xxx & /sbin/rc2.d/Snnnxxx? Is it legal to use loop back like this? Is using a host route (/32) too or are these Bad Things? The host route, by the way, gives you some experience with "ndd -set /dev/ip ip_check_subnet_addr 0".
Sincerely,
Jan de Haan
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2026 Hewlett Packard Enterprise Development LP